Solution (Value Proposition)

Project Turris is a service that helps protect its users' home networks with the help of a special router. It is a not-for-profit research project of CZ.NIC, z. s. p. o., the registry of the Czech national top-level domain .CZ. The TURRIS project represents a whole security environment composed of a secure-by-design router and a TURRIS central with cyber threat analysis, with the Czech national CSIRT in the background and online distribution of up-to-date security fixes.

Each user of the service obtains a TURRIS router, which, besides serving as a normal home router, can also analyse the traffic between the Internet and the home network and identify suspicious data flows. Like a watchtower, it then alerts the TURRIS central of a possible attack. At the system headquarters, it is then possible to compare data from many connected TURRIS routers and assess the security status of the detected traffic. If an attack is detected, corresponding updates are prepared and distributed to the whole TURRIS network, thus helping to protect all its users. At the same time, TURRIS redirects the attacker to a central honeypot for further analysis. So that security analysis does not slow down your Internet access, we have developed our own high-performance hardware for the TURRIS router. It allows for protecting a home network without sacrificing transfer speed. Based on the analysis of the data gained, it is possible to create a security fix and immediately distribute it to other TURRIS routers, thus also protecting other users from the most recent vulnerabilities.

Due to the research nature of the project, we are offering the device for a symbolic price of one Czech crown. In order to participate in the project, the user is required to commit to using the TURRIS router as the main Internet gateway for their network for a specified period of time, and not to interfere with the collection of data.

Key Differentiators:

From the beginning, TURRIS has been conceived as a secure-by-design router as well as a complex security ecosystem, in which an important role is played by close cooperation with the national security team CSIRT and by regular firewall updates, which protect the users from current vulnerabilities. The router itself is further distinguished from rival devices by strict adherence to the principle of complete openness (both open software and open hardware), which, unlike the competition, allows the community to control the ongoing processes, including the reassurance that the system does not contain any back doors. Thanks to the secure-by-design concept, the TURRIS router implements, for example, DNSSEC support in its recursive resolver and perfect IPv6 support, including firewall and transition mechanisms. An integral part of the project is ensuring the protection of privacy, with the whole system designed so that it is impossible to identify individual users.

Supporting Technology (the 'magic')

Hardware: Because we do not want to slow down your internet access by security analysis, we are developing our own high-performance hardware for the Turris router. It allows for protecting a home network without sacrificing transfer speed.

Software: The Turris router contains a modern operating system with remote updates and an innovative system for security analysis of network traffic.

Security: Enhancing the security of your network is the main goal of our project. Besides the passive protection offered by a secure operating system, there is the additional benefit of a distributed adaptive firewall.

Privacy: Much attention was paid to the protection of privacy and sensitive data. More information about specific measures is available on the linked page.

Available programs:

Majordomo - a tool for monitoring the communication of LAN devices with the Internet. Besides giving an overview of the behavior of individual computers in the local network, it can also uncover suspicious traffic from smart home appliances or help with splitting the bill for the network connection.

Passive monitoring of network speed - One of the many probes in the Turris router continually monitors the current transfer speed. Based on this data, we can offer our users detailed statistics of their bandwidth utilization as well as generate global statistics of maximum speeds, which predict the actual bandwidth of the connection.

Netflow - The "flows" probe collects netflow data (that is, IP addresses, ports, time and amount of transported data) of suspicious traffic. Data collection is started automatically upon detection of specific network traffic, an anomaly, or communication with a suspicious address.

Team Experience

Ondřej Filip, Chief Executive Officer of the CZ.NIC Association

The project is the brainchild of Ondřej Filip, Chief Executive Officer of the CZ.NIC Association and one of the leading Czech and world experts in the area of security and stability of the Internet. Ondřej Filip is chairman of the board of DNS OARC (The Domain Name System Operations Analysis and Research Center) and a member of the important and prestigious Security and Stability Advisory Committee (SSAC) within ICANN (Internet Corporation for Assigned Names and Numbers). Ondřej Filip was also formerly a member of the Multistakeholder Advisory Group, which assists the Secretary General of the United Nations in convening the Internet Governance Forum. Among his most significant projects is the BIRD software (Internet Routing Daemon), which, according to the Euro IXP organisation's latest poll, is being used by 64% of the world's Internet Exchange Points, making it the most popular software for these centres.

Dr. Bedřich Košata, Chief Science Officer at CZ.NIC

Another important team member is Dr. Bedřich Košata, head of CZ.NIC Labs, who has been responsible for a range of security projects, e.g. the DNSSEC Validator, an add-in for Internet browsers enabling easy verification of the security of a given domain, and for the development of statistical and monitoring tools for DNS.

The TURRIS router project team consists of seven persons, each of whom has unique knowledge, be it in the area of security, hardware or software design, or cyber-security.